Slashdot Mirror

← Back to Stories (view on slashdot.org)

Research Unveils Improved Method To Let Computers Know You Are Human

Posted by Unknown on from the until-computers-improve dept.

An anonymous reader writes CAPTCHA services that require users to recognize and type in static distorted characters may be a method of the past, according to studies published by researchers at the University of Alabama at Birmingham. Researchers focused on a broad form of gamelike CAPTCHAs, called dynamic cognitive game, or DCG, CAPTCHAs, which challenge the user to perform a gamelike cognitive task interacting with a series of dynamic images. For example, in a "ship parking" DCG challenge, the user is required to identify the boat from a set of moving objects and drag-and-drop it to the available "dock" location. The puzzle is easy for the human user to solve, but may be difficult for a computer program to figure out. The game-like nature may make the process more engaging for the user compared to conventional text-based CAPTCHAs. There are a couple research papers available: "A Three-Way Investigation of a Game-CAPTCHA: Automated Attacks, Relay Attacks and Usability" and "Dynamic Cognitive Game CAPTCHA Usability and Detection of Streaming-Based Farming."

15 of 91 comments (clear)

  1. Re:I... by Anonymous Coward · · Score: 2, Informative

    I generally just close the page whenever I see one of those awful text based captcha, where you have to squint at the screen to even be able to tell 10% of the time what is written on those awful blurry squiggles. Whatever you're selling, unless I can read it and type it easily/quickly, it ain't worth my time.

    you sound like the helpless baby boomers that bug the staff and ask questions when the answer to those questions is right in front of them. dont you have a homeowners association to run, a voting booth to visit, or a AARP magazine to read?

  2. Watch them get ignored by boondaburrah · · Score: 3, Interesting

    Man if these start showing up, They're going to look exactly like those "hit the target 3 times to win" flash-based advertisements. I'll probably glaze over them multiple times trying to submit a form before I notice that a 'completing the game' captcha is what's preventing me from leaving my incredible razor wit splattered all over someone's comments section.

    1. Re:Watch them get ignored by Anonymous Coward · · Score: 2, Interesting

      You you just wait. They'll start putting advertisements in the captchas.

      They'll soon figure out it's more profitable to make you find the $(NameBrand) ship and drag it from the $(NewProduct) port to the $(TownNearYou) port.

    2. Re:Watch them get ignored by Anonymous Coward · · Score: 2, Funny

      You you just wait. They'll start putting advertisements in the captchas.

      So that's why my last one said "be sure to drink your ovaltine."

  3. My only question: does it work at Google-scale? by Anubis+IV · · Score: 5, Interesting

    The nice thing about current text-based CAPTCHAs is that they can be applied to any website, whether large or small, and require very little input or tinkering from individual web administrators. The other nice thing about this is that they have an infinite number of possible variations, what with the different ways you can transform text.

    This new idea would work great for a small site that will never be a target of a directed attack, but we already have hundreds of different CAPTCHA variations that can be used for that sort of thing. I use a simpler but similar idea on one of my sites, where I have new registrants drag words into matching categories that I set up. I've had zero bot registrations since I set it up a few years back, and a number of comments from actual users that love the system.

    But if you apply something like what I use or this new idea to a site like Google, the folks trying to break in will inevitably code up algorithms to handle each of the finite number of minigames they set up with their finite number of items in them, rendering the whole thing pretty useless. The only way to get infinite variation out of it is to start applying image transformation to the items being used so that they can't be as easily identified, and if you start doing that, you're right back where we are now.

    1. Re:My only question: does it work at Google-scale? by StripedCow · · Score: 2

      The problem with the current CAPTCHAs is that they are prone to a Mechanical Turk attack.
      This new type of CAPTCHA could in principle solve this issue.

      --
      If Pandora's box is destined to be opened, *I* want to be the one to open it.
    2. Re:My only question: does it work at Google-scale? by dcollins117 · · Score: 2

      The problem with the current CAPTCHAs is that they are prone to a Mechanical Turk attack.

      That's a problem with CAPCTHAs, not the only one. I've encountered several that I couldn't solve, even after trying several times, eventually leaving me no choice but to give up and go elsewhere.

      It's a problem when your human detector fails to detect humans.

    3. Re:My only question: does it work at Google-scale? by blane.bramble · · Score: 2

      It's a problem when your human detector fails to detect human

      Says the bot!

  4. As with all other CAPTCHA 'alternatives', by Beck_Neard · · Score: 3, Informative

    The problem is that you can really only come up with a finite number of these, and once an attacker has a large enough sample of them (say, 10%), he can simply write a bit of code to 'solve' each one.

    The thing about CAPTCHAs that makes them great is that you can randomly generate a huge bunch of them.

    Anyway, the headline so completely misrepresents this research that it basically says the opposite of what the researchers are saying. The researchers, in fact, created an automated system to solve DCGs! Their contribution was a system that detects 'crowd-sourcing' attacks - attacks where shady companies pay volunteers pennies to solve CAPTCHAs by hand. The researchers said they are going to work on improved DCGs that can't be solved automatically, but nothing of the sort is being unveiled here.

    --
    A fool and his hard drive are soon parted.
  5. I'd rather they continue to think I'm a bot! by EzInKy · · Score: 5, Funny

    Proving I'm human just subjects me to more ads I don't want to see.

    --
    Time is what keeps everything from happening all at once.
  6. Solve this puzzle for him. by weilawei · · Score: 3, Funny

    When he comes back, I'll hit him with a paradox.

  7. Re:I get it by Inconexo · · Score: 3, Insightful

    Those games may be "engaging" when you want to play a game. When I want to do something different in the Internet, I feel more like annoyed.

  8. Re:Reminds me of ASIRRA from Microsoft by Anne+Thwacks · · Score: 2

    I think you will find that was Dell and Amstrad. Microsoft are the ones that made the appallingly inconsistent software that routinely leaks your data to criminals, and crashes with a BSOD.

    --
    Sent from my ASR33 using ASCII
  9. Re:I... by jgdnavy · · Score: 2

    While I mostly agree with you, and have seen more than one CAPTCHA that I can't solve no matter how many times I refresh, I have to disagree with you on the homeowners' association. While I agree that community is a good thing, and am in favor of community leagues that actually focus on community issues instead of rules about paint colors and whether basketball goals are allowed, almost every homeowner's association I've seen has been a way for the couple of people with the time and desire for control to override individual's property rights. Two homes ago, we were not allowed to use anything besides standard white mini-blinds in our houses, and at my last place there were only two colors that shutters and doors were allowed to be painted, and my landlord (an individual homeowner, not a complex) had to strip and restain his deck because at some point after he originally stained it they decided the previously allowed colors were no longer allowed.

  10. Re:How about a way to prove you're a human once by oodaloop · · Score: 2

    Brilliant! Then the next time you log in, you just have to prove you're the same human from last time! Wow, that's so much easier!

    --
    Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.